Visible to the public Biblio

Found 459 results

Filters: First Letter Of Last Name is D  [Clear All Filters]
A B C [D] E F G H I J K L M N O P Q R S T U V W X Y Z   [Show ALL]
Davidson, Drew, Chen, Yaohui, George, Franklin, Lu, Long, Jha, Somesh.  2017.  Secure Integration of Web Content and Applications on Commodity Mobile Operating Systems. Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security. :652–665.

A majority of today's mobile apps integrate web content of various kinds. Unfortunately, the interactions between app code and web content expose new attack vectors: a malicious app can subvert its embedded web content to steal user secrets; on the other hand, malicious web content can use the privileges of its embedding app to exfiltrate sensitive information such as the user's location and contacts. In this paper, we discuss security weaknesses of the interface between app code and web content through attacks, then introduce defenses that can be deployed without modifying the OS. Our defenses feature WIREframe, a service that securely embeds and renders external web content in Android apps, and in turn, prevents attacks between em- bedded web and host apps. WIREframe fully mediates the interface between app code and embedded web content. Un- like the existing web-embedding mechanisms, WIREframe allows both apps and embedded web content to define simple access policies to protect their own resources. These policies recognize fine-grained security principals, such as origins, and control all interactions between apps and the web. We also introduce WIRE (Web Isolation Rewriting Engine), an offline app rewriting tool that allows app users to inject WIREframe protections into existing apps. Our evaluation, based on 7166 popular apps and 20 specially selected apps, shows these techniques work on complex apps and incur acceptable end-to-end performance overhead.

Davies, Nigel, Taft, Nina, Satyanarayanan, Mahadev, Clinch, Sarah, Amos, Brandon.  2016.  Privacy Mediators: Helping IoT Cross the Chasm. Proceedings of the 17th International Workshop on Mobile Computing Systems and Applications. :39–44.

Unease over data privacy will retard consumer acceptance of IoT deployments. The primary source of discomfort is a lack of user control over raw data that is streamed directly from sensors to the cloud. This is a direct consequence of the over-centralization of today's cloud-based IoT hub designs. We propose a solution that interposes a locally-controlled software component called a privacy mediator on every raw sensor stream. Each mediator is in the same administrative domain as the sensors whose data is being collected, and dynamically enforces the current privacy policies of the owners of the sensors or mobile users within the domain. This solution necessitates a logical point of presence for mediators within the administrative boundaries of each organization. Such points of presence are provided by cloudlets, which are small locally-administered data centers at the edge of the Internet that can support code mobility. The use of cloudlet-based mediators aligns well with natural personal and organizational boundaries of trust and responsibility.

Davila, Y. G., Júnior, F. A. Revoredo, Peña-Garcia, R., Padrón-Hernández, E..  2019.  Peak in Angular Dependence of Coercivity in a Hexagonal Array of Permalloy Spherical Nanocaps. IEEE Magnetics Letters. 10:1–3.

Micromagnetic simulations of coercivity as a function of external magnetic field direction were performed for a hexagonal array of hemispherical Permalloy nanocaps. The analysis was based on hysteresis loops for arrangements of nanocaps of variable thickness (5 nm and 10 nm). The angular dependence of coercivity had a maximum at about 80° with respect to the arrangement plane. An increase in coercivity with nanocap thickness is related to the magnetization reversal mechanism, where the dipole energy of individual caps generates an effective intermediate axis, locking the magnetic moments. The coercivity has maximum values of 109 Oe for 5 nm and 156 Oe for 10 nm thickness. The remanence decreases monotonically with angle. This is associated with the influence of shape anisotropy, where the demagnetizing field in the plane of the array is much smaller than the demagnetizing field perpendicular to the plane.

Davis, Agnes, Shashidharan, Ashwin, Liu, Qian, Enck, William, McLaughlin, Anne, Watson, Benjamin.  2014.  Insecure Behaviors on Mobile Devices Under Stress. Proceedings of the 2014 Symposium and Bootcamp on the Science of Security. :31:1–31:2.

One of the biggest challenges in mobile security is human behavior. The most secure password may be useless if it is sent as a text or in an email. The most secure network is only as secure as its most careless user. Thus, in the current project we sought to discover the conditions under which users of mobile devices were most likely to make security errors. This scaffolds a larger project where we will develop automatic ways of detecting such environments and eventually supporting users during these times to encourage safe mobile behaviors.

Davis, B., Glenski, M., Sealy, W., Arendt, D..  2020.  Measure Utility, Gain Trust: Practical Advice for XAI Researchers. 2020 IEEE Workshop on TRust and EXpertise in Visual Analytics (TREX). :1–8.
Research into the explanation of machine learning models, i.e., explainable AI (XAI), has seen a commensurate exponential growth alongside deep artificial neural networks throughout the past decade. For historical reasons, explanation and trust have been intertwined. However, the focus on trust is too narrow, and has led the research community astray from tried and true empirical methods that produced more defensible scientific knowledge about people and explanations. To address this, we contribute a practical path forward for researchers in the XAI field. We recommend researchers focus on the utility of machine learning explanations instead of trust. We outline five broad use cases where explanations are useful and, for each, we describe pseudo-experiments that rely on objective empirical measurements and falsifiable hypotheses. We believe that this experimental rigor is necessary to contribute to scientific knowledge in the field of XAI.
Davis, D. B., Featherston, J., Fukuda, M., Asuncion, H. U..  2017.  Data Provenance for Multi-Agent Models. 2017 IEEE 13th International Conference on e-Science (e-Science). :39–48.

Multi-agent simulations are useful for exploring collective patterns of individual behavior in social, biological, economic, network, and physical systems. However, there is no provenance support for multi-agent models (MAMs) in a distributed setting. To this end, we introduce ProvMASS, a novel approach to capture provenance of MAMs in a distributed memory by combining inter-process identification, lightweight coordination of in-memory provenance storage, and adaptive provenance capture. ProvMASS is built on top of the Multi-Agent Spatial Simulation (MASS) library, a framework that combines multi-agent systems with large-scale fine-grained agent-based models, or MAMs. Unlike other environments supporting MAMs, MASS parallelizes simulations with distributed memory, where agents and spatial data are shared application resources. We evaluate our approach with provenance queries to support three use cases and performance measures. Initial results indicate that our approach can support various provenance queries for MAMs at reasonable performance overhead.

Davydov, Vadim, Bezzateev, Sergey.  2018.  Secure Information Exchange in Defining the Location of the Vehicle. 2018 41st International Conference on Telecommunications and Signal Processing (TSP). :1—5.

With the advent of the electric vehicle market, the problem of locating a vehicle is becoming more and more important. Smart roads are creating, where the car control system can work without a person - communicating with the elements on the road. The standard technologies, such as GPS, can't always accurately determine the location, and not all vehicles have a GPS-module. It is very important to build an effective secure communication protocol between the vehicle and the base stations on the road. In this paper we consider different methods of location determination, propose the improved communicating protocol between the vehicle and the base station.

Day, Wei-Yen, Li, Ninghui, Lyu, Min.  2016.  Publishing Graph Degree Distribution with Node Differential Privacy. Proceedings of the 2016 International Conference on Management of Data. :123–138.

Graph data publishing under node-differential privacy (node-DP) is challenging due to the huge sensitivity of queries. However, since a node in graph data oftentimes represents a person, node-DP is necessary to achieve personal data protection. In this paper, we investigate the problem of publishing the degree distribution of a graph under node-DP by exploring the projection approach to reduce the sensitivity. We propose two approaches based on aggregation and cumulative histogram to publish the degree distribution. The experiments demonstrate that our approaches greatly reduce the error of approximating the true degree distribution and have significant improvement over existing works. We also present the introspective analysis for understanding the factors of publishing the degree distribution with node-DP.

Dcruz, Hans John, Kaliaperumal, Baskaran.  2018.  Analysis of Cyber-Physical Security in Electric Smart Grid : Survey and challenges. 2018 6th International Renewable and Sustainable Energy Conference (IRSEC). :1–6.
With the advancement in technology, inclusion of Information and Communication Technology (ICT) in the conventional Electrical Power Grid has become evident. The combination of communication system with physical system makes it cyber-physical system (CPS). Though the advantages of this improvement in technology are numerous, there exist certain issues with the system. Security and privacy concerns of a CPS are a major field and research and the insight of which is content of this paper.
De Abreu, Sergio.  2019.  A Feasibility Study on Machine Learning Techniques for APT Detection and Protection in VANETs. 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3). :212—212.
It is estimated that by 2030, 1 in 4 vehicles on the road will be driverless with adoption rates increasing this figure substantially over the next few decades.
de Almeida Arantes, Daniel, Borges da Silva, Luiz Eduardo, Teixeira, Carlos Eduardo, Campos, Mateus Mendes, Lambert-Torres, Germano, Bonaldi, Erik Leandro, de Lacerda de Oliveira, Levy Ely, da Costa, Germando Araújo.  2019.  Relative Permittivity Meter Using a Capacitive Sensor and an Oscillating Current Source. IECON 2019 - 45th Annual Conference of the IEEE Industrial Electronics Society. 1:806—811.

The relative permittivity (also known as dielectric constant) is one of the physical properties that characterize a substance. The measurement of its magnitude can be useful in the analysis of several fluids, playing an important role in many industrial processes. This paper presents a method for measuring the relative permittivity of fluids, with the possibility of real-time monitoring. The method comprises the immersion of a capacitive sensor inside a tank or duct, in order to have the inspected substance as its dielectric. An electronic circuit is responsible for exciting this sensor, which will have its capacitance measured through a quick analysis of two analog signals outputted by the circuit. The developed capacitance meter presents a novel topology derived from the well-known Howland current source. One of its main advantages is the capacitance-selective behavior, which allows the system to overcome the effects of parasitic resistive and inductive elements on its readings. In addition to an adjustable current output that suits different impedance magnitudes, it exhibits a steady oscillating behavior, thus allowing continuous operation without any form of external control. This paper presents experimental results obtained from the proposed system and compares them to measurements made with proven and calibrated equipment. Two initial capacitance measurements performed with the system for evaluating the sensor's characteristics exhibited relative errors of approximately 0.07% and 0.53% in comparison to an accurate workbench LCR meter.

de Almeida Ramos, Elias, Filho, João Carlos Britto, Reis, Ricardo.  2019.  Cryptography by Synchronization of Hopfield Neural Networks that Simulate Chaotic Signals Generated by the Human Body. 2019 17th IEEE International New Circuits and Systems Conference (NEWCAS). :1–4.
In this work, an asymmetric cryptography method for information security was developed, inspired by the fact that the human body generates chaotic signals, and these signals can be used to create sequences of random numbers. Encryption circuit was implemented in a Reconfigurable Hardware (FPGA). To encode and decode an image, the chaotic synchronization between two dynamic systems, such as Hopfield neural networks (HNNs), was used to simulate chaotic signals. The notion of Homotopy, an argument of topological nature, was used for the synchronization. The results show efficiency when compared to state of the art, in terms of image correlation, histogram analysis and hardware implementation.
De Alwis, C., Arachchi, H.K., Fernando, A., Pourazad, M..  2014.  Content and network-aware multicast over wireless networks. Heterogeneous Networking for Quality, Reliability, Security and Robustness (QShine), 2014 10th International Conference on. :122-128.

This paper proposes content and network-aware redundancy allocation algorithms for channel coding and network coding to optimally deliver data and video multicast services over error prone wireless mesh networks. Each network node allocates redundancies for channel coding and network coding taking in to account the content properties, channel bandwidth and channel status to improve the end-to-end performance of data and video multicast applications. For data multicast applications, redundancies are allocated at each network node in such a way that the total amount of redundant bits transmitted is minimised. As for video multicast applications, redundancies are allocated considering the priority of video packets such that the probability of delivering high priority video packets is increased. This not only ensures the continuous playback of a video but also increases the received video quality. Simulation results for bandwidth sensitive data multicast applications exhibit up to 10× reduction of the required amount of redundant bits compared to reference schemes to achieve a 100% packet delivery ratio. Similarly, for delay sensitive video multicast applications, simulation results exhibit up to 3.5dB PSNR gains in the received video quality.

de Andrade Bragagnolle, Thiago, Pereira Nogueira, Marcelo, de Oliveira Santos, Melissa, do Prado, Afonso José, Ferreira, André Alves, de Mello Fagotto, Eric Alberto, Aldaya, Ivan, Abbade, Marcelo Luís Francisco.  2019.  All-Optical Spectral Shuffling of Signals Traveling through Different Optical Routes. 2019 21st International Conference on Transparent Optical Networks (ICTON). :1–4.
A recent proposed physical layer encryption technique uses an all-optical setup based on spatial light modulators to split two or more wavelength division multiplexed (WDM) signals in several spectral slices and to shuffle these slices. As a result, eavesdroppers aimed to recover information from a single target signal need to handle all the signals involved in the shuffling process. In this work, computer simulations are used to analyse the case where the shuffled signals propagate through different optical routes. From a security point of view, this is an interesting possibility because it obliges eavesdroppers to tap different optical fibres/ cables. On the other hand, each shuffled signal experiences different physical impairments and the deleterious consequences of these effects must be carefully investigated. Our results indicate that, in a metropolitan area network environment, penalties caused by attenuation and dispersion differences may be easily compensated with digital signal processing algorithms that are presently deployed.
De Capitani di Vimercati, Sabrina, Foresti, Sara, Livraga, Giovanni, Samarati, Pierangela.  2019.  Empowering Owners with Control in Digital Data Markets. 2019 IEEE 12th International Conference on Cloud Computing (CLOUD). :321–328.

We propose an approach for allowing data owners to trade their data in digital data market scenarios, while keeping control over them. Our solution is based on a combination of selective encryption and smart contracts deployed on a blockchain, and ensures that only authorized users who paid an agreed amount can access a data item. We propose a safe interaction protocol for regulating the interplay between a data owner and subjects wishing to purchase (a subset of) her data, and an audit process for counteracting possible misbehaviors by any of the interacting parties. Our solution aims to make a step towards the realization of data market platforms where owners can benefit from trading their data while maintaining control.

de Chérisey, Eloi, Guilley, Sylvain, Rioul, Olivier, Jayasinghe, Darshana.  2016.  Template Attacks with Partial Profiles and Dirichlet Priors: Application to Timing Attacks. Proceedings of the Hardware and Architectural Support for Security and Privacy 2016. :7:1–7:8.

In order to retrieve the secret key in a side-channel attack, the attacker computes distinguisher values using all the available data. A profiling stage is very useful to provide some a priori information about the leakage model. However, profiling is essentially empirical and may not be exhaustive. Therefore, during the attack, the attacker may come up on previously unseen data, which can be troublesome. A lazy workaround is to ignore all such novel observations altogether. In this paper, we show that this is not optimal and can be avoided. Our proposed techniques eventually improve the performance of classical information-theoretic distinguishers in terms of success rate.

De Cnudde, Thomas, Reparaz, Oscar, Bilgin, Begül, Nikova, Svetla, Nikov, Ventzislav, Rijmen, Vincent.  2016.  Masking AES With D+1 Shares in Hardware. Proceedings of the 2016 ACM Workshop on Theory of Implementation Security. :43–43.

Masking requires splitting sensitive variables into at least d+1 shares to provide security against DPA attacks at order d. To this date, this minimal number has only been deployed in software implementations of cryptographic algorithms and in the linear parts of their hardware counterparts. So far there is no hardware construction that achieves this lower bound if the function is nonlinear and the underlying logic gates can glitch. In this paper, we give practical implementations of the AES using d+1 shares aiming at first- and second-order security even in the presence of glitches. To achieve this, we follow the conditions presented by Reparaz et al. at CRYPTO 2015 to allow hardware masking schemes, like Threshold Implementations, to provide theoretical higher-order security with d+1 shares. The decrease in number of shares has a direct impact in the area requirements: our second-order DPA resistant core is the smallest in area so far, and its S-box is 50% smaller than the current smallest Threshold Implementation of the AES S-box with similar security and attacker model. We assess the security of our masked cores by practical side-channel evaluations. The security guarantees are met with 100 million traces.

De Gaspari, Fabio, Jajodia, Sushil, Mancini, Luigi V., Panico, Agostino.  2016.  AHEAD: A New Architecture for Active Defense. Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense. :11–16.

Active defense is a popular defense technique based on systems that hinder an attacker's progress by design, rather than reactively responding to an attack only after its detection. Well-known active defense systems are honeypots. Honeypots are fake systems, designed to look like real production systems, aimed at trapping an attacker, and analyzing his attack strategy and goals. These types of systems suffer from a major weakness: it is extremely hard to design them in such a way that an attacker cannot distinguish them from a real production system. In this paper, we advocate that, instead of adding additional fake systems in the corporate network, the production systems themselves should be instrumented to provide active defense capabilities. This perspective to active defense allows containing costs and complexity, while at the same time provides the attacker with a more realistic-looking target, and gives the Incident Response Team more time to identify the attacker. The proposed proof-of-concept prototype system can be used to implement active defense in any corporate production network, with little upfront work, and little maintenance.

De Groef, Willem, Subramanian, Deepak, Johns, Martin, Piessens, Frank, Desmet, Lieven.  2016.  Ensuring Endpoint Authenticity in WebRTC Peer-to-peer Communication. Proceedings of the 31st Annual ACM Symposium on Applied Computing. :2103–2110.

WebRTC is one of the latest additions to the ever growing repository of Web browser technologies, which push the envelope of native Web application capabilities. WebRTC allows real-time peer-to-peer audio and video chat, that runs purely in the browser. Unlike existing video chat solutions, such as Skype, that operate in a closed identity ecosystem, WebRTC was designed to be highly flexible, especially in the domains of signaling and identity federation. This flexibility, however, opens avenues for identity fraud. In this paper, we explore the technical underpinnings of WebRTC's identity management architecture. Based on this analysis, we identify three novel attacks against endpoint authenticity. To answer the identified threats, we propose and discuss defensive strategies, including security improvements for the WebRTC specifications and mitigation techniques for the identity and service providers.

De Guzman, Froilan E., Gerardo, Bobby D., Medina, Ruji P..  2019.  Implementation of Enhanced Secure Hash Algorithm Towards a Secured Web Portal. 2019 IEEE 4th International Conference on Computer and Communication Systems (ICCCS). :189–192.
In this paper, the application of the enhanced secure hash algorithm-512 is implemented on web applications specifically in password hashing. In addition to the enhancement of hash function, hill cipher is included for the salt generation to increase the complexity of generating hash tables that may be used as an attack on the algorithm. The testing of same passwords saved on the database is used to create hash collisions that will result to salt generation to produce a new hash message. The matrix encryption key provides five matrices to be selected upon based on the length of concatenated username, password, and concatenated characters from the username. In this process, same password will result to a different hash message that will to make it more secured from future attacks.
De Guzman, Froilan E., Gerardo, Bobby D., Medina, Ruji P..  2018.  Enhanced Secure Hash Algorithm-512 based on Quadratic Function. 2018 IEEE 10th International Conference on Humanoid, Nanotechnology, Information Technology,Communication and Control, Environment and Management (HNICEM). :1—6.

This paper attempts to introduce the enhanced SHA-1 algorithm which features a simple quadratic function that will control the selection of primitive function and constant used per round of SHA-1. The message digest for this enhancement is designed for 512 hashed value that will answer the possible occurrence of hash collisions. Moreover, this features the architecture of 8 registers of A, B, C, D, E, F, G, and H which consists of 64 bits out of the total 512 bits. The testing of frequency for Q15 and Q0 will prove that the selection of primitive function and the constant used are not equally distributed. Implementation of extended bits for hash message will provide additional resources for dictionary attacks and the extension of its hash outputs will provide an extended time for providing a permutation of 512 hash bits.

De La Peña Montero, Fabian, Hariri, Salim.  2017.  Autonomic and Integrated Management for Proactive Cyber Security (AIM-PSC). Companion Proceedings of the10th International Conference on Utility and Cloud Computing. :107–112.

The complexity, multiplicity, and impact of cyber-attacks have been increasing at an alarming rate despite the significant research and development investment in cyber security products and tools. The current techniques to detect and protect cyber infrastructures from these smart and sophisticated attacks are mainly characterized as being ad hoc, manual intensive, and too slow. We present in this paper AIM-PSC that is developed jointly by researchers at AVIRTEK and The University of Arizona Center for Cloud and Autonomic Computing that is inspired by biological systems, which can efficiently handle complexity, dynamism and uncertainty. In AIM-PSC system, an online monitoring and multi-level analysis are used to analyze the anomalous behaviors of networks, software systems and applications. By combining the results of different types of analysis using a statistical decision fusion approach we can accurately detect any types of cyber-attacks with high detection and low false alarm rates and proactively respond with corrective actions to mitigate their impacts and stop their propagation.

de Lima, Davi Ferreira, Bezerra, José Roberto, de Macedo Costa da Silva, Jorge Fredericson.  2018.  Privacy and Integrity Protection of Data in SCADA Systems. Proceedings of the 10th Latin America Networking Conference. :110–114.
The critical infrastructure of a country, due to its relevance and complexity, demands systems to facilitate the user interaction to correctly deal and share the information related to the monitored processes. The systems currently applied to monitor such infrastructures are based on SCADA architecture. The advent of the Internet jointly to the needs of fast information exchange at any place in order to support accurate decision-making processes, demands increasing interconnection among SCADA and management systems. However, such interconnection may expose sensitive data manipulated by such systems to hackers which may cause massive damages, financial loses, threats to human lives among others. Therefore, unprotected data may expose the systems to cyber-criminals by affecting any of the cyber-security principles, Confidentiality, Integrity, and Authenticity. This article presents four study cases using Wireshark to analyze a popular SCADA software to check user authentication process. The result of this research was the reading in plain text of the user authentication data used to access the control and monitoring system. As an immediate and minimal solution, this work presents low cost, easy setup and open source solutions are proposed using VPN and protocol obfuscator to improve security applying cryptography and hide the data passing through Virtual Private Network.
de Matos Patrocínio dos Santos, Bernardo, Dzogovic, Bruno, Feng, Boning, Do, Van Thuan, Jacot, Niels, van Do, Thanh.  2019.  Towards Achieving a Secure Authentication Mechanism for IoT Devices in 5G Networks. 2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom). :130–135.

Upon the new paradigm of Cellular Internet of Things, through the usage of technologies such as Narrowband IoT (NB-IoT), a massive amount of IoT devices will be able to use the mobile network infrastructure to perform their communications. However, it would be beneficial for these devices to use the same security mechanisms that are present in the cellular network architecture, so that their connections to the application layer could see an increase on security. As a way to approach this, an identity management and provisioning mechanism, as well as an identity federation between an IoT platform and the cellular network is proposed as a way to make an IoT device deemed worthy of using the cellular network and perform its actions.

De Oliveira Nunes, Ivan, Dessouky, Ghada, Ibrahim, Ahmad, Rattanavipanon, Norrathep, Sadeghi, Ahmad-Reza, Tsudik, Gene.  2019.  Towards Systematic Design of Collective Remote Attestation Protocols. 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS). :1188–1198.
Networks of and embedded (IoT) devices are becoming increasingly popular, particularly, in settings such as smart homes, factories and vehicles. These networks can include numerous (potentially diverse) devices that collectively perform certain tasks. In order to guarantee overall safety and privacy, especially in the face of remote exploits, software integrity of each device must be continuously assured. This can be achieved by Remote Attestation (RA) - a security service for reporting current software state of a remote and untrusted device. While RA of a single device is well understood, collective RA of large numbers of networked embedded devices poses new research challenges. In particular, unlike single-device RA, collective RA has not benefited from any systematic treatment. Thus, unsurprisingly, prior collective RA schemes are designed in an ad hoc fashion. Our work takes the first step toward systematic design of collective RA, in order to help place collective RA onto a solid ground and serve as a set of design guidelines for both researchers and practitioners. We explore the design space for collective RA and show how the notions of security and effectiveness can be formally defined according to a given application domain. We then present and evaluate a concrete collective RA scheme systematically designed to satisfy these goals.